TA505 Hacker Group Deploys Sneaky RMS Tool in Phishing Campaign

The attackers are using a Remote Management System (RMS) executable to trick victims into downloading malware disguised as banned applications like ExpressVPN, WeChat, and Skype.